[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 02/11] IOMMU: handle IOMMU mapping and unmapping failures



>>> On 18.04.16 at 16:00, <quan.xu@xxxxxxxxx> wrote:
> --- a/xen/drivers/passthrough/iommu.c
> +++ b/xen/drivers/passthrough/iommu.c
> @@ -243,21 +243,33 @@ int iommu_map_page(struct domain *d, unsigned long gfn, 
> unsigned long mfn,
>                     unsigned int flags)
>  {
>      struct hvm_iommu *hd = domain_hvm_iommu(d);
> +    int rc;
>  
>      if ( !iommu_enabled || !hd->platform_ops )
>          return 0;
>  
> -    return hd->platform_ops->map_page(d, gfn, mfn, flags);
> +    rc = hd->platform_ops->map_page(d, gfn, mfn, flags);
> +
> +    if ( rc && !is_hardware_domain(d) )
> +        domain_crash(d);
> +
> +    return rc;
>  }

As said before - letting this go completely silently for the hardware
domain is bad. At least the first instance of such an event needs a
message to be logged. Advanced variants where a message gets
logged once in a while if the issue re-occurs would be nice, but
aren't strictly necessary imo. And note that even logging all
occurrences would not be a security issue, but just a usability one
(but I still recommend against this).

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.